Random numbers are difficult to generate in a digital environment that constitutes a computer platform. With the expansion of computer networking, the need for secure network transactions is on the rise. Secure network transactions often depend on encryption algorithms. These encryption algorithms require copious amounts of random bits as they operate to provide secure network transactions. Some encryption algorithms require truly random bits in order to provide high levels of security.
Truly random numbers are generally attainable through the use of a hardware-based random number generator embodied as a peripheral that can be accessed by a computer. A hardware-based random number generator typically relies on some natural phenomenon as a source of entropy. For example, one embodiment of a hardware-based random number generator uses radioactive decay as a source of entropy. Yet another example of a hardware-based random number generator relies on thermal noise as a source of entropy. The term “entropy” refers to the state of disorder in a system and is considered to be one metric by which the randomness of a random number is measured.
Computer systems have also relied on software-based random number generators. Software-based random number generators are not really random number generators at all. Rather, a software-based random number generator is capable of generating a value that is more properly referred to as a pseudo-random number. These software-based pseudo-random number generators have been commonly used in the past because they are inexpensive and because they generate fairly random values without relying on any specialized hardware. A sequence of integers generated by a pseudo-random number generator generally exhibits good statistical randomness. However, good statistical randomness may not be sufficient for use in all applications, e.g. in cryptographic applications. The problem with pseudo-random number generators is that they rely on a seed number to generate pseudo-random numbers. Because these software based pseudo-random number generators are “seed-based”, the output they produce is predictable, if in fact the seed number is known. Hence, a software-based pseudo-random number generator is generally not capable of providing an unpredictable stream of random bits required by many of the encryption algorithms used to secure today's network communications.
There are also many hybrid solutions that utilize a low-entropy seed value for driving a software-based random number generator. For example, one such hybrid solution retrieves a hardware number from some hardware device that is readily accessible to a computer. According to one example, a real-time clock is used as the source of a hardware number. The hardware number, which is also known as a hardware driven number, is then read by a software-based pseudo-random number generator. The problem with these hybrid solutions is that the underlying source of a hardware driven number often exhibits some level of predictability. In the case where hardware driven numbers are retrieved from a real-time clock, the output of the software-based random number generator will exhibit a pattern that is driven by the periodicity of the real-time clock. Hence, the time values will give rise to predictability in the output of a pseudo-random number generator that uses those time values as a seed value.
This same underlying problem manifests itself in the output of a software-based pseudo-random number generator irrespective of the source of hardware driven numbers used as a seed number. Consider, for example, the use of a system-wide counter as a source of a hardware driven numbers wherein the system-wide counter is driven by a system clock. The periodicity of the counter will be manifest in the output of the software-based pseudo-random number generator because the actual instructions executed by a processor in the computer system are executed according to the same system clock that drives the system-wide counter.